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REMARKS 

Reconsideration and allowance of the above-referenced 
application are respectfully requested. New claims and claim 
amendments are presented herein to obviate the current 
rejection. No new matter has been added. 

Claims 1, 2, 3, 6-23, and 25-34 stand rejected under 35 USC 
§ 103(a) as allegedly being unpatentable over Freund. This 
rejection is respectfully traversed. 

Claims 1-16 have been canceled. New claims 35 and 42 are 
presented herein with dependent claims having similar scope to 
claims depending on previous claims 1 and 9 . 

Claim 35 recites establishing a secure virtual private 
network connection between a server and a remote system, 
delivering security policies from the server to the remote 
system during initialization of the secure private network 
connection, and regulating access to nodes accessible via the 
server by the remote system based on the security policies and a 
priority associated with at least one application program 
running on the remote system (for support, see, inter alia, 
specification p. 2, lines 26-30; p. 3, lines 27-29; p. 4, lines 
16-20) . Claim 42 contains similar features. 

Claim 17 was amended to recite "deliver a set of policies 
to the second device during initialization of a virtual private 
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network between the first and second devices; and the second 
device is adapted to: run an application; use both said policies 
and a priority assigned to the application to detect data 
packets from unauthorized activities..." 

Claim 21 was amended to recite: "receive policies in the 
policy engine from the policy server during a virtual private 
network session; use the socket interceptor to detect and reject 
data packets from unauthorized users and applications and 
provide the packet guard with context information about the 
unauthorized users and applications including at least 
information a priority of the application*.." 

Claim 30 was amended to recite: "transmitting information 
indicative of security parameters from the primary computing 
system to the remote computing system using the security policy 
engine during initialization of the VPN; configuring the network 
stack based on the information indicative of security 
parameters; subsequently running a particular application 
program on the remote computing system,- selecting information 
indicative of updated security parameters based on a priority of 
the particular application program..." 

Freund fails to describe or otherwise suggest delivering 
security policies from a server to a remote server during 
initialization of a VPN . With the arrangement recited in the 
claims, policies are delivered to the remote system in a trusted 
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manner without being compromised by mid- stream elements and 
host-based software. Additionally, the policies are delivered 
just prior to establishment of a secure connection, making such 
delivery dynamic in nature. 

Freund describes that communications between a client-based 
filter on a centralized supervisor, all on a single LAN, and a 
supervisor application and a firewall associated with the LAN 
may be encrypted (see, inter alia, Freund col, 5, lines 6-2 0) . 
However, the skilled artisan simply would not have modified this 
arrangement to result in the subject matter as claimed. 

In addition, Freund also fails to disclose or otherwise 
suggest regulating access based on a priority associated with 
the application. Rather, Freund describes defining URLs that a 
user can access (see, inter alia, Freund abstract) . There is no 
priority determination used in limiting access to such URLs. 
Moreover, Freund fails to disclose regulating access to a node 
associated with a server (but rather describes preventing a user 
from accessing a particular URL) . 

Accordingly, the claims should be allowable. 

It is believed that all of the pending claims have been 
addressed in this paper. However, failure to address a specific 
rejection, issue or comment, does not signify agreement with or 
concession of that rejection, issue or comment. In addition, 
because the arguments made above are not intended to be 
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exhaustive, there may be reasons for patentability of any or all 
pending claims (or other claims) that have not been expressed. 
Finally, nothing in this paper should be construed as an intent 
to concede any issue with regard to any claim, except as 
specifically stated in this paper, and the amendment of any 
claim does not necessarily signify concession of unpatentability 
of the claim prior to its amendment. 

Applicant asks that all claims be allowed* Please apply 
any other charges or credits to Deposit Account No. 06-1050. 
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